Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/24LmoNlDA3mTST7ILFjXRoavbLc.roa
File: 24LmoNlDA3mTST7ILFjXRoavbLc.roa (raw, json)
Hash identifier: ChZQ2voHnXOpu6Bgdd654y5XHIYOuPkH15v1qaYadLA=
Subject key identifier: DB:82:E6:A0:D9:43:03:79:93:49:3E:C8:2C:58:D7:46:86:AF:6C:B7
Certificate issuer: /CN=7490ce6b6f8f750e03584ebbd7bdad0f11fbe31c
Certificate serial: 019DD384310D17431A1E7D5C0E069452A5E5
Authority key identifier: 74:90:CE:6B:6F:8F:75:0E:03:58:4E:BB:D7:BD:AD:0F:11:FB:E3:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/24LmoNlDA3mTST7ILFjXRoavbLc.roa
Signing time: Tue 28 Apr 2026 09:55:49 +0000
ROA not before: Tue 28 Apr 2026 09:55:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198473
IP address blocks: 2.59.184.0/22 maxlen: 22
91.235.100.0/24 maxlen: 24
185.126.53.0/24 maxlen: 24
185.126.54.0/23 maxlen: 23
185.149.229.0/24 maxlen: 24
185.149.230.0/24 maxlen: 24
2a10:b080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d3:84:31:0d:17:43:1a:1e:7d:5c:0e:06:94:52:a5:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7490ce6b6f8f750e03584ebbd7bdad0f11fbe31c
Validity
Not Before: Apr 28 09:55:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db82e6a0d943037993493ec82c58d74686af6cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fd:b4:b2:bb:4d:81:7f:11:1b:96:f7:f8:c5:
7d:fa:76:b5:bb:6b:1c:1f:ec:4a:47:64:c6:14:5f:
11:3a:d4:27:0c:91:b2:ac:ef:89:16:37:a1:d3:0c:
3f:ac:24:9c:74:54:d7:a1:60:62:69:08:fe:44:86:
8d:2c:6c:cb:02:fa:ec:50:93:55:d0:4e:4e:d2:1b:
30:8b:01:6c:39:70:25:3c:9a:bb:9f:30:6c:dd:d7:
3c:97:62:43:e0:3c:a5:60:e3:ca:8d:e5:8b:22:74:
9b:0f:5c:ff:a1:aa:2e:39:1e:e1:b3:c8:39:c7:59:
c0:e6:dc:a8:fe:8e:bb:1b:22:0e:6c:f2:7f:9b:6a:
e5:c8:07:26:37:d7:9b:24:e3:2b:9f:85:23:ea:17:
d2:30:35:c8:a3:4d:66:17:2c:fa:71:98:29:38:0b:
54:cf:2a:b5:66:98:05:32:af:62:24:35:e7:9f:4f:
15:a2:29:72:77:d6:93:27:9c:3d:4d:fc:ce:17:ef:
5a:f2:d4:ec:6e:2d:f4:2f:ce:a6:13:72:48:71:f2:
48:0f:a6:42:e0:cf:f3:68:4d:66:b2:bb:8c:49:a3:
47:f2:9a:c9:c6:0b:5c:38:f5:0f:bf:7d:89:4e:6d:
77:93:fb:38:73:45:e7:98:2e:a9:8d:11:b8:5d:60:
88:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:82:E6:A0:D9:43:03:79:93:49:3E:C8:2C:58:D7:46:86:AF:6C:B7
X509v3 Authority Key Identifier:
keyid:74:90:CE:6B:6F:8F:75:0E:03:58:4E:BB:D7:BD:AD:0F:11:FB:E3:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/24LmoNlDA3mTST7ILFjXRoavbLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.184.0/22
91.235.100.0/24
185.126.53.0-185.126.55.255
185.149.229.0-185.149.230.255
IPv6:
2a10:b080::/29
Signature Algorithm: sha256WithRSAEncryption
30:94:ef:a2:a4:50:a4:f6:ba:56:d5:95:bb:98:bd:7a:86:9d:
b7:c1:7d:c0:66:c8:18:e7:03:b0:d7:cb:8e:d0:89:c8:6c:8e:
60:c9:e6:98:35:b8:fd:63:5a:22:17:27:f6:f3:09:d5:af:82:
55:31:0a:84:4c:9d:ae:02:ce:bf:90:78:72:52:3c:ca:ed:97:
f7:31:51:e5:f5:7c:76:b3:a4:80:95:b3:18:5c:ca:a1:49:94:
46:ef:86:c9:8e:2f:d4:05:fe:c4:7c:7b:7e:db:1d:a0:ae:37:
f5:ec:c9:93:21:d2:13:89:62:b6:85:22:13:92:5f:e5:b5:7d:
b5:ed:24:45:aa:b6:18:a0:b7:37:c0:df:38:41:66:94:ad:07:
b9:91:ec:f3:bb:b3:ee:bd:47:d4:d3:7a:21:a9:3b:63:53:b5:
0f:06:16:05:70:d4:e6:e0:1a:c6:9d:83:af:d3:94:ad:f7:0a:
0a:1a:89:e6:b0:b9:4b:f8:03:a2:cd:11:8e:6b:8d:4b:6e:53:
5a:6d:49:bf:61:38:1f:4a:66:da:6d:cf:8a:d1:42:62:34:5d:
de:ee:dd:ba:44:92:11:6c:6d:5b:ec:64:33:b4:72:40:b7:2e:
a3:81:ac:e1:70:05:5b:54:1c:54:82:29:f4:30:b9:92:d4:ef:
a0:42:66:16
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZ3ThDENF0MaHn1cDgaUUqXlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTBjZTZiNmY4Zjc1MGUwMzU4NGViYmQ3YmRhZDBmMTFm
YmUzMWMwHhcNMjYwNDI4MDk1NTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjgyZTZhMGQ5NDMwMzc5OTM0OTNlYzgyYzU4ZDc0Njg2YWY2Y2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiv20srtNgX8RG5b3+MV9+na1u2sc
H+xKR2TGFF8ROtQnDJGyrO+JFjeh0ww/rCScdFTXoWBiaQj+RIaNLGzLAvrsUJNV
0E5O0hswiwFsOXAlPJq7nzBs3dc8l2JD4DylYOPKjeWLInSbD1z/oaouOR7hs8g5
x1nA5tyo/o67GyIObPJ/m2rlyAcmN9ebJOMrn4Uj6hfSMDXIo01mFyz6cZgpOAtU
zyq1ZpgFMq9iJDXnn08Voilyd9aTJ5w9TfzOF+9a8tTsbi30L86mE3JIcfJID6ZC
4M/zaE1msruMSaNH8prJxgtcOPUPv32JTm13k/s4c0XnmC6pjRG4XWCIlQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFNuC5qDZQwN5k0k+yCxY10aGr2y3MB8GA1UdIwQY
MBaAFHSQzmtvj3UOA1hOu9e9rQ8R++McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpET2EyLVBkUTREV0U2NzE3MnREeEg3NHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lZDhlYmEtNmJkNC00NDM4LWIzZTAt
YzQ5NmY5Y2FmYTgzLzEvMjRMbW9ObERBM21UU1Q3SUxGalhSb2F2YkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9lZDhlYmEtNmJkNC00NDM4LWIzZTAtYzQ5NmY5Y2FmYTgz
LzEvZEpET2EyLVBkUTREV0U2NzE3MnREeEg3NHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQCAju4AwQA
W+tkMAwDBAC5fjUDBAO5fjAwDAMEALmV5QMEALmV5jANBAIAAjAHAwUDKhCwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAMJTvoqRQpPa6VtWVu5i9eoadt8F9wGbIGOcDsNfL
jtCJyGyOYMnmmDW4/WNaIhcn9vMJ1a+CVTEKhEydrgLOv5B4clI8yu2X9zFR5fV8
drOkgJWzGFzKoUmURu+GyY4v1AX+xHx7ftsdoK439ezJkyHSE4litoUiE5Jf5bV9
te0kRaq2GKC3N8DfOEFmlK0HuZHs87uz7r1H1NN6Iak7Y1O1DwYWBXDU5uAaxp2D
r9OUrfcKChqJ5rC5S/gDos0RjmuNS25TWm1Jv2E4H0pm2m3PitFCYjRd3u7dukSS
EWxtW+xkM7RyQLcuo4Gs4XAFW1QcVIIp9DC5ktTvoEJmFg==
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:36 2026 by rpki-client